C# 属性ValidateInput(false)和allowattribute在筛选器类中不起作用
当我将用户名编辑为html标记或xml标记时,它将生成如下异常:C# 属性ValidateInput(false)和allowattribute在筛选器类中不起作用,c#,asp.net-mvc,asp.net-mvc-4,C#,Asp.net Mvc,Asp.net Mvc 4,当我将用户名编辑为html标记或xml标记时,它将生成如下异常: filterContext.HttpContext.Request.Params[“key”]中的潜在危险请求.Form 但是我有mension[ValidateInput(false)]为什么不在MyFilter类中处理它 以下是我的代码: 过滤器配置.cs: public class FilterConfig { public static void RegisterGlobalFilters(GlobalFilte
filterContext.HttpContext.Request.Params[“key”]中的潜在危险请求.Form
但是我有mension[ValidateInput(false)]
为什么不在MyFilter
类中处理它
以下是我的代码:
过滤器配置.cs:
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new MyFilter());
}
}
public class MyFilter: IAuthorizationFilter
{
public void OnActionExecuted(ActionExecutedContext filterContext)
{
SessionDataManagement.BackupCurrent();
}
public void OnAuthorization(AuthorizationContext filterContext)
{
string requestID = filterContext.HttpContext.Request.Params["key"];
}
}
public class CompanyController : BaseController
{
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult Edit(Class1 objCompany)
{
//Logic
}
}
public class Class1
{
[Required]
[AllowHtml]
[StringLength(200)]
public string UserName { get; set; }
}
MyFilter.cs:
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new MyFilter());
}
}
public class MyFilter: IAuthorizationFilter
{
public void OnActionExecuted(ActionExecutedContext filterContext)
{
SessionDataManagement.BackupCurrent();
}
public void OnAuthorization(AuthorizationContext filterContext)
{
string requestID = filterContext.HttpContext.Request.Params["key"];
}
}
public class CompanyController : BaseController
{
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult Edit(Class1 objCompany)
{
//Logic
}
}
public class Class1
{
[Required]
[AllowHtml]
[StringLength(200)]
public string UserName { get; set; }
}
MyController.cs:
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new MyFilter());
}
}
public class MyFilter: IAuthorizationFilter
{
public void OnActionExecuted(ActionExecutedContext filterContext)
{
SessionDataManagement.BackupCurrent();
}
public void OnAuthorization(AuthorizationContext filterContext)
{
string requestID = filterContext.HttpContext.Request.Params["key"];
}
}
public class CompanyController : BaseController
{
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult Edit(Class1 objCompany)
{
//Logic
}
}
public class Class1
{
[Required]
[AllowHtml]
[StringLength(200)]
public string UserName { get; set; }
}
Class1.cs:
public class FilterConfig
{
public static void RegisterGlobalFilters(GlobalFilterCollection filters)
{
filters.Add(new MyFilter());
}
}
public class MyFilter: IAuthorizationFilter
{
public void OnActionExecuted(ActionExecutedContext filterContext)
{
SessionDataManagement.BackupCurrent();
}
public void OnAuthorization(AuthorizationContext filterContext)
{
string requestID = filterContext.HttpContext.Request.Params["key"];
}
}
public class CompanyController : BaseController
{
[HttpPost]
[ValidateAntiForgeryToken]
[ValidateInput(false)]
public ActionResult Edit(Class1 objCompany)
{
//Logic
}
}
public class Class1
{
[Required]
[AllowHtml]
[StringLength(200)]
public string UserName { get; set; }
}